Netcat 1.1, 60-592, Instructor: Dr A. K. Agrawal



Date: 14.10.2017


netcat1.1

  • 60-592

  • Instructor : Dr A.K. Agrawal

  • Presented By: Ashutosh Sood


Purpose of Presentation…?

  • Analyze the network

  • Identify the network security issues



Tools for Research

  • Information Gathering tools

  • Forensic tools

  • Network Utility tools

  • Password Auditing tools

  • Recovery And Restoration Tools

  • Vulnerability Scanning & Analysis tools



What is netcat ?

  • Swiss Army Knife of Network

  • A versatile network Utility tool

  • Uses TCP and UDP protocol

  • Designed as a backend tool

    • Can be used directly
    • Driven by other programs


Power of netcat1.1

  • Can create outbound or inbound connections, TCP or UDP, to or from any port

  • Full DNS forward/reverse checking

  • Can use any local port

  • Can use any locally configured network address

  • Port scanning with randomizer

  • Option to let another program service established connections

  • Optional telnet responder



How Do I use netcat1.1 ?

  • General form of usage is

    • nc [switches] [hostname] [portnumber]
  • Simplest Usage would be

    • nc -v www.msn.com 80
    • Then use the GET method: GET / HTTP/1.0
  • Hostname can be a name or IP Address



Use of -n switch

  • Use of -n switch

    • If not specified, netcat performs forward and reverse DNS lookups
    • Reports the problem of mismatched names in DNS


Options

  • -v

    • Controls the verbosity level
  • -w

    • Sets the network inactivity timeout
  • -p



Options

  • -o

    • To obtain hexdump file of data sent either way
  • -l

    • Makes netcat wait for inbound connections
    • And once connection is established it transfers the data


Interesting -l

  • Can be used to create a listening netcat server

  • On listening end

    • D:\tools\nc>nc -l -p 1234 < test.txt
  • On client end

    • D:\tools\nc>nc 192.168.0.100 1234


Options

  • -L

    • Listen harder
  • -r

  • -z

    • Zero – I/O mode [used in scanning]


Options

  • -e

    • Allows netcat to execute a program (dangerous)
  • -d

    • Allows netcat to run in detached mode, without a console window
  • -u

    • Makes a UDP connection instead of a TCP connection


Options

  • -s

    • Local source address
  • -i

    • Specifies delay interval for lines sent or ports scanned
  • -t

    • Answer telnet negotiation


Put the Knife to Use

  • Use It GOOD

  • Use It BAD



USE IT GOOD

  • Port Scanning

    • Find what is out there
      • nc -v -w 5 -r davinci.newcs.uwindsor.ca 20-30




USE IT GOOD

  • Simple Data Transfer Agent

    • It is immaterial which side is the server and which side is the client
    • Input at one end goes out as output at the other
  • HEX Dump Feature

    • Can be used to analyze odd network protocols


USE IT GOOD

  • Performance Testing

    • Generate a large amount of useless data on the network; with a server on one end and a client on the other, this can be used to test network performance.
  • Protect your workstation's X server



DARK SIDE

  • Scanning for vulnerable services

    • Can use files as input to netcat and scan the system by using the -i and -r switches
  • Can use the -e option to execute programs

  • SYN-Bombing

    • Can disable TCP servers


EXAMPLE

  • Listen on port 21 (FTP port) using netcat with the -e switch to execute cmd.exe

  • FTP request made from a different machine to the listener machine



RESULT



Environment

  • Local Home Network

    • ISP --- Cogeco
    • Three PCs running Windows XP
    • Connected via DLink Router
    • Cat 5 connecting cables used


Conclusion

  • Netcat is a very useful network utility tool

  • Very light but extremely effective

  • Particularly when it can listen and execute programs when connection requests are made on the specific ports
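
A defender's view of the listen-and-execute combination singled out above, as an added example that is not part of the original slides: it parses process-creation command lines using netcat's getopt-style switch clustering and flags any listener started with -e. The sample command lines are constructed from the slides' own commands, and matching on the image name is an assumption that a renamed binary would defeat.

```python
import shlex
from pathlib import PureWindowsPath

# netcat 1.1 switches that consume a value. -g/-G (source routing) come from
# netcat's own help text, not from the slides.
TAKES_VALUE = set("egGiopsw")
NC_NAMES = {"nc", "nc.exe", "netcat", "netcat.exe"}  # assumption: binary not renamed

def parse_nc(cmdline):
    """Return {switch: value-or-True} for a netcat command line, else None."""
    try:
        argv = shlex.split(cmdline, posix=False)   # keeps Windows backslashes
    except ValueError:                             # unbalanced quote in the log line
        argv = cmdline.split()
    argv = [t.strip('"') for t in argv]
    if not argv or PureWindowsPath(argv[0]).name.lower() not in NC_NAMES:
        return None
    opts, args = {}, iter(argv[1:])
    for tok in args:
        if not tok.startswith("-") or tok == "-":
            break                                  # first non-switch ends the options
        for pos, sw in enumerate(tok[1:], start=2):
            if sw in TAKES_VALUE:                  # value glued ("-p21") or next token
                opts[sw] = tok[pos:] or next(args, "")
                break
            opts[sw] = True
    return opts

def assess(cmdline):
    """Classify one process-creation command line."""
    opts = parse_nc(cmdline)
    if opts is None:
        return "not-netcat"
    port = opts.get("p", "?")
    listening = "l" in opts or "L" in opts
    if listening and "e" in opts:
        return "ALERT listen+exec port=%s prog=%s" % (port, opts["e"])
    if listening:
        return "review listener port=%s" % port
    return "info client-or-scan"

SAMPLE = [  # constructed command lines, modelled on the slides' own commands
    r"D:\tools\nc\nc.exe -L -d -p 21 -e cmd.exe",
    r"D:\tools\nc\nc.exe -l -p 1234",
    r"nc -v -w 5 -r davinci.newcs.uwindsor.ca 20-30",
    r"grep -l -e nc notes.txt",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(assess(line), "<-", line)
```
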



Credits

  • Chris Wysopal

  • Hobbit

  • www.atstake.com




